How to choose great answers to security questions
Many online services require users to set up answers to security questions as an extra layer of account protection. However, it is common for individuals to answer the questions truthfully, which could actually increase the chances of a successful account compromise. For example, just because your favorite color is red doesn’t mean you should answer “red.”
When choosing an answer to a security question, the first thing that should come to mind is the safety of your account. A great habit to develop is creating answers to your security questions that don’t make sense to anyone but you. If someone guesses your password, the chances of them guessing “My car is lime green!” as an answer to the question “What year did you buy your first car?” are much lower. Another great example could be the answer “German Shepherd and Labrador” to the question “What kind of dog was your first dog?” Again, this is not answering the question directly, but putting your own twist on it, thereby reducing the chances of a successful account compromise.
While developing these specific habits can increase your account’s protection against attackers, there are many more habits you can adopt. Some of these include:
- Including numbers and/or symbols at the end of your answer
- Converting certain numbers and letters into their look-alike counterparts (e.g. replacing “o” with “0”, replacing “4” with “A”)
- Repeating the answer multiple times (e.g. “RedRedRed”)
Your security answer should be treated much like a password: easy to remember, but hard to guess.